1*0f4c859eSApple OSS Distributions /*
2*0f4c859eSApple OSS Distributions * Copyright (c) 2022 Apple Computer, Inc. All rights reserved.
3*0f4c859eSApple OSS Distributions *
4*0f4c859eSApple OSS Distributions * @APPLE_LICENSE_HEADER_START@
5*0f4c859eSApple OSS Distributions *
6*0f4c859eSApple OSS Distributions * The contents of this file constitute Original Code as defined in and
7*0f4c859eSApple OSS Distributions * are subject to the Apple Public Source License Version 1.1 (the
8*0f4c859eSApple OSS Distributions * "License"). You may not use this file except in compliance with the
9*0f4c859eSApple OSS Distributions * License. Please obtain a copy of the License at
10*0f4c859eSApple OSS Distributions * http://www.apple.com/publicsource and read it before using this file.
11*0f4c859eSApple OSS Distributions *
12*0f4c859eSApple OSS Distributions * This Original Code and all software distributed under the License are
13*0f4c859eSApple OSS Distributions * distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY KIND, EITHER
14*0f4c859eSApple OSS Distributions * EXPRESS OR IMPLIED, AND APPLE HEREBY DISCLAIMS ALL SUCH WARRANTIES,
15*0f4c859eSApple OSS Distributions * INCLUDING WITHOUT LIMITATION, ANY WARRANTIES OF MERCHANTABILITY,
16*0f4c859eSApple OSS Distributions * FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT. Please see the
17*0f4c859eSApple OSS Distributions * License for the specific language governing rights and limitations
18*0f4c859eSApple OSS Distributions * under the License.
19*0f4c859eSApple OSS Distributions *
20*0f4c859eSApple OSS Distributions * @APPLE_LICENSE_HEADER_END@
21*0f4c859eSApple OSS Distributions */
22*0f4c859eSApple OSS Distributions
23*0f4c859eSApple OSS Distributions #include <os/overflow.h>
24*0f4c859eSApple OSS Distributions #include <machine/atomic.h>
25*0f4c859eSApple OSS Distributions #include <mach/vm_param.h>
26*0f4c859eSApple OSS Distributions #include <vm/vm_kern.h>
27*0f4c859eSApple OSS Distributions #include <kern/zalloc.h>
28*0f4c859eSApple OSS Distributions #include <kern/kalloc.h>
29*0f4c859eSApple OSS Distributions #include <kern/assert.h>
30*0f4c859eSApple OSS Distributions #include <kern/locks.h>
31*0f4c859eSApple OSS Distributions #include <kern/lock_rw.h>
32*0f4c859eSApple OSS Distributions #include <libkern/libkern.h>
33*0f4c859eSApple OSS Distributions #include <libkern/section_keywords.h>
34*0f4c859eSApple OSS Distributions #include <libkern/coretrust/coretrust.h>
35*0f4c859eSApple OSS Distributions #include <pexpert/pexpert.h>
36*0f4c859eSApple OSS Distributions #include <sys/vm.h>
37*0f4c859eSApple OSS Distributions #include <sys/proc.h>
38*0f4c859eSApple OSS Distributions #include <sys/codesign.h>
39*0f4c859eSApple OSS Distributions #include <sys/code_signing.h>
40*0f4c859eSApple OSS Distributions #include <uuid/uuid.h>
41*0f4c859eSApple OSS Distributions #include <IOKit/IOBSD.h>
42*0f4c859eSApple OSS Distributions
43*0f4c859eSApple OSS Distributions #if PMAP_CS_PPL_MONITOR
/*
 * The Page Protection Layer implements the PMAP_CS monitor environment, which
 * provides code signing and memory isolation enforcement for data structures that
 * are critical to ensuring that all code executed on the system is authorized to do
 * so.
 *
 * Unless the data is managed by the PPL itself, XNU needs to page-align everything,
 * and then reference the memory as read-only.
 */
53*0f4c859eSApple OSS Distributions
/*
 * Local declarations of the pmap physical-address type and the two
 * kernel-virtual <-> physical translation helpers this file calls when it
 * re-derives a pointer through the physical aperture.
 * NOTE(review): presumably these mirror the declarations in the pmap
 * headers -- confirm they stay in sync.
 */
typedef uint64_t pmap_paddr_t __kernel_ptr_semantics;
extern vm_map_address_t phystokv(pmap_paddr_t pa);
extern pmap_paddr_t kvtophys_nofail(vm_offset_t va);
57*0f4c859eSApple OSS Distributions
58*0f4c859eSApple OSS Distributions #pragma mark Initialization
59*0f4c859eSApple OSS Distributions
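/*
 * Initialization hook for the code-signing monitor backend.
 *
 * The PPL backend has nothing to set up here, so this is intentionally empty.
 * The parameter list is spelled (void): before C23 an empty "()" leaves the
 * parameters unspecified and disables argument checking at call sites.
 */
void
code_signing_init(void)
{
	/* Does nothing */
}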
65*0f4c859eSApple OSS Distributions
66*0f4c859eSApple OSS Distributions #pragma mark Developer Mode
67*0f4c859eSApple OSS Distributions
/*
 * Pointer through which the rest of the kernel reads the developer-mode
 * state; it is bound to ppl_developer_mode_storage at definition time.
 * NOTE(review): SECURITY_READ_ONLY_LATE presumably makes the pointer itself
 * read-only once early boot completes -- confirm against
 * libkern/section_keywords.h. The pointed-to flag is changed only through
 * ppl_toggle_developer_mode() in this file.
 */
SECURITY_READ_ONLY_LATE(bool*) developer_mode_enabled = &ppl_developer_mode_storage;
69*0f4c859eSApple OSS Distributions
/*
 * Request a developer-mode state change.
 *
 * The request is handed to pmap_toggle_developer_mode() untouched; this
 * wrapper performs no policy check of its own, so any restriction on who
 * may flip the state has to live in the callee or in the caller.
 */
void
ppl_toggle_developer_mode(bool state)
{
	/* Pure pass-through to the pmap layer. */
	pmap_toggle_developer_mode(state);
}
76*0f4c859eSApple OSS Distributions
77*0f4c859eSApple OSS Distributions #pragma mark Code Signing and Provisioning Profiles
78*0f4c859eSApple OSS Distributions
/*
 * Report whether code-signing enforcement is enabled.
 *
 * Returns whatever pmap_cs_enabled() reports.
 */
bool
ppl_code_signing_enabled(void)
{
	const bool enforcement_on = pmap_cs_enabled();

	return enforcement_on;
}
84*0f4c859eSApple OSS Distributions
/*
 * Copy a provisioning profile into a page-aligned kernel allocation and
 * register that allocation with the PPL.
 *
 * profile_blob       - source bytes of the profile (read, never written).
 * profile_blob_size  - number of bytes at profile_blob.
 * profile_obj        - out: on success, receives the address of the profile
 *                      object storage embedded in the payload, re-derived
 *                      through phystokv(kvtophys_nofail(...)). Must be
 *                      non-NULL; it is dereferenced without a check.
 *
 * Returns KERN_SUCCESS, or the error from kmem_alloc() or
 * pmap_register_provisioning_profile(). Panics if header size plus blob
 * size overflows. On any failure after allocation the payload is freed.
 */
kern_return_t
ppl_register_provisioning_profile(
	const void *profile_blob,
	const size_t profile_blob_size,
	void **profile_obj)
{
	kern_return_t kr = KERN_DENIED;
	vm_address_t buffer = 0;
	vm_size_t total_size = 0;
	vm_size_t mapped_size = 0;
	pmap_profile_payload_t *payload = NULL;

	/* Header + blob must be representable before anything is allocated. */
	if (os_add_overflow(sizeof(*payload), profile_blob_size, &total_size)) {
		panic("attempted to load a too-large profile: %lu bytes", profile_blob_size);
	}

	/*
	 * The PPL works on whole pages, so the allocation is rounded up.
	 * NOTE(review): round_page() of a value within one page of the type's
	 * maximum would wrap; presumably kmem_alloc() rejects the resulting
	 * size -- confirm.
	 */
	mapped_size = round_page(total_size);

	kr = kmem_alloc(kernel_map, &buffer, mapped_size,
	    KMA_KOBJECT | KMA_DATA | KMA_ZERO, VM_KERN_MEMORY_SECURITY);

	if (kr != KERN_SUCCESS) {
		printf("unable to allocate memory for pmap profile payload: %d\n", kr);
	} else {
		/* The payload has to be fully populated before the PPL sees it. */
		payload = (pmap_profile_payload_t*)buffer;
		payload->profile_blob_size = profile_blob_size;
		memcpy(payload->profile_blob, profile_blob, profile_blob_size);

		kr = pmap_register_provisioning_profile(buffer, mapped_size);
		if (kr == KERN_SUCCESS) {
			/* Hand back the object through its physical-aperture alias. */
			const vm_offset_t obj_va = (vm_offset_t)&payload->profile_obj_storage;

			*profile_obj = (pmap_cs_profile_t*)phystokv(kvtophys_nofail(obj_va));
		}
	}

	/* Any failure with a live allocation releases it before returning. */
	if ((kr != KERN_SUCCESS) && (buffer != 0)) {
		kmem_free(kernel_map, buffer, mapped_size);
		buffer = 0;
		mapped_size = 0;
	}

	return kr;
}
130*0f4c859eSApple OSS Distributions
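/*
 * Unregister a provisioning profile from the PPL and free its payload.
 *
 * profile_obj - the object handed out by ppl_register_provisioning_profile().
 *
 * Returns the error from pmap_unregister_provisioning_profile() if that
 * fails (nothing is freed in that case), otherwise KERN_SUCCESS.
 *
 * The payload address and size are recovered from the object itself
 * (original_payload and profile_blob_size). The size is recomputed with the
 * same overflow check used at registration, so a wrapped sum panics here
 * instead of reaching kmem_free() as a mis-sized range.
 * NOTE(review): these fields are read after the PPL has released the
 * profile; presumably the memory is ordinary kernel memory again by then,
 * so the values are only as trustworthy as the kernel itself -- confirm.
 */
kern_return_t
ppl_unregister_provisioning_profile(
	void *profile_obj)
{
	pmap_cs_profile_t *ppl_profile_obj = profile_obj;
	vm_size_t payload_size = 0;
	kern_return_t ret = KERN_DENIED;

	ret = pmap_unregister_provisioning_profile(ppl_profile_obj);
	if (ret != KERN_SUCCESS) {
		return ret;
	}

	/* Get the original payload address */
	const pmap_profile_payload_t *pmap_payload = ppl_profile_obj->original_payload;
	const vm_address_t payload_addr = (const vm_address_t)pmap_payload;

	/* Get the original payload size, mirroring the check done at registration */
	if (os_add_overflow(sizeof(*pmap_payload), pmap_payload->profile_blob_size, &payload_size)) {
		panic("provisioning profile payload size overflowed during unregistration");
	}
	payload_size = round_page(payload_size);

	/* Free the payload */
	kmem_free(kernel_map, payload_addr, payload_size);
	pmap_payload = NULL;

	return KERN_SUCCESS;
}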
157*0f4c859eSApple OSS Distributions
/*
 * Associate a registered provisioning profile with a code signature.
 *
 * Both opaque objects are passed straight to
 * pmap_associate_provisioning_profile(); its result is returned unchanged.
 */
kern_return_t
ppl_associate_provisioning_profile(
	void *sig_obj,
	void *profile_obj)
{
	const kern_return_t kr = pmap_associate_provisioning_profile(sig_obj, profile_obj);

	return kr;
}
165*0f4c859eSApple OSS Distributions
/*
 * Remove the provisioning-profile association from a code signature.
 *
 * Returns the result of pmap_disassociate_provisioning_profile() unchanged.
 */
kern_return_t
ppl_disassociate_provisioning_profile(
	void *sig_obj)
{
	const kern_return_t kr = pmap_disassociate_provisioning_profile(sig_obj);

	return kr;
}
172*0f4c859eSApple OSS Distributions
/*
 * Record the cdhash of the compilation service.
 *
 * cdhash is declared as CS_CDHASH_LEN bytes, but an array parameter decays
 * to a pointer, so the compiler does not enforce that length; callers must
 * supply a buffer of at least that size. The value is forwarded to
 * pmap_set_compilation_service_cdhash().
 */
void
ppl_set_compilation_service_cdhash(const uint8_t cdhash[CS_CDHASH_LEN])
{
	/* Pure pass-through to the pmap layer. */
	pmap_set_compilation_service_cdhash(cdhash);
}
179*0f4c859eSApple OSS Distributions
/*
 * Check a cdhash against the recorded compilation-service cdhash.
 *
 * cdhash must reference at least CS_CDHASH_LEN bytes (not enforced by the
 * compiler). Returns the answer of pmap_match_compilation_service_cdhash().
 */
bool
ppl_match_compilation_service_cdhash(const uint8_t cdhash[CS_CDHASH_LEN])
{
	const bool is_match = pmap_match_compilation_service_cdhash(cdhash);

	return is_match;
}
186*0f4c859eSApple OSS Distributions
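/*
 * Install the local-signing public key.
 *
 * public_key must reference at least XNU_LOCAL_SIGNING_KEY_SIZE bytes; the
 * array parameter decays to a pointer, so the compiler does not check this.
 * The key is forwarded to pmap_set_local_signing_public_key().
 *
 * The call is made as a plain statement: ISO C does not permit
 * "return <expression>;" in a function whose return type is void.
 */
void
ppl_set_local_signing_public_key(
	const uint8_t public_key[XNU_LOCAL_SIGNING_KEY_SIZE])
{
	pmap_set_local_signing_public_key(public_key);
}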
193*0f4c859eSApple OSS Distributions
/*
 * Fetch the local-signing public key.
 *
 * Returns the pointer produced by pmap_get_local_signing_public_key().
 * NOTE(review): the pointer is not const-qualified; presumably the backing
 * storage is protected by the PPL so callers cannot alter it -- confirm.
 */
uint8_t*
ppl_get_local_signing_public_key(void)
{
	uint8_t *key = pmap_get_local_signing_public_key();

	return key;
}
199*0f4c859eSApple OSS Distributions
/*
 * Lift the local-signing restriction for one cdhash.
 *
 * cdhash must reference at least CS_CDHASH_LEN bytes (not enforced by the
 * compiler). The request is forwarded to pmap_unrestrict_local_signing();
 * no check is made here on who is asking.
 */
void
ppl_unrestrict_local_signing_cdhash(const uint8_t cdhash[CS_CDHASH_LEN])
{
	/* Pure pass-through to the pmap layer. */
	pmap_unrestrict_local_signing(cdhash);
}
206*0f4c859eSApple OSS Distributions
/*
 * Return the current value of pmap_cs_blob_limit.
 * NOTE(review): judging by the names, this is the size threshold that
 * decides whether the PPL manages a signature's memory -- confirm the
 * direction of the comparison at the call sites.
 */
vm_size_t
ppl_managed_code_signature_size(void)
{
	const vm_size_t limit = pmap_cs_blob_limit;

	return limit;
}
212*0f4c859eSApple OSS Distributions
/*
 * Register a code signature blob with the PPL.
 *
 * signature_addr / signature_size - location and length of the blob.
 * code_directory_offset           - offset of the code directory in the blob.
 * signature_path                  - ignored by this backend.
 * sig_obj                         - out: receives the PPL code-directory
 *                                   object; must be non-NULL, since it is
 *                                   read back after a successful register.
 * ppl_signature_addr              - optional out: receives the superblob
 *                                   address recorded in the PPL object.
 *
 * Returns the error from pmap_cs_register_code_signature_blob(), or
 * KERN_SUCCESS.
 */
kern_return_t
ppl_register_code_signature(
	const vm_address_t signature_addr,
	const vm_size_t signature_size,
	const vm_offset_t code_directory_offset,
	const char *signature_path,
	void **sig_obj,
	vm_address_t *ppl_signature_addr)
{
	pmap_cs_code_directory_t **cd_out = (pmap_cs_code_directory_t**)sig_obj;
	pmap_cs_code_directory_t *registered = NULL;
	kern_return_t kr = KERN_DENIED;

	/* The signature path plays no part in PPL registration. */
	(void)signature_path;

	kr = pmap_cs_register_code_signature_blob(
		signature_addr,
		signature_size,
		code_directory_offset,
		cd_out);
	if (kr != KERN_SUCCESS) {
		return kr;
	}

	/* Read back the object the PPL just published through sig_obj. */
	registered = *cd_out;

	if (ppl_signature_addr != NULL) {
		*ppl_signature_addr = (vm_address_t)registered->superblob;
	}

	return KERN_SUCCESS;
}
244*0f4c859eSApple OSS Distributions
/*
 * Unregister a code signature from the PPL.
 *
 * Returns the result of pmap_cs_unregister_code_signature_blob() unchanged.
 */
kern_return_t
ppl_unregister_code_signature(
	void *sig_obj)
{
	const kern_return_t kr = pmap_cs_unregister_code_signature_blob(sig_obj);

	return kr;
}
251*0f4c859eSApple OSS Distributions
/*
 * Ask the PPL to verify a registered code signature.
 *
 * Returns the verdict of pmap_cs_verify_code_signature_blob() unchanged;
 * callers must treat anything other than KERN_SUCCESS as a failed
 * verification.
 */
kern_return_t
ppl_verify_code_signature(
	void *sig_obj)
{
	const kern_return_t kr = pmap_cs_verify_code_signature_blob(sig_obj);

	return kr;
}
258*0f4c859eSApple OSS Distributions
/*
 * Reconstitute a code signature.
 *
 * Forwards to pmap_cs_unlock_unneeded_code_signature(), which reports the
 * no-longer-needed range through unneeded_addr and unneeded_size. Its
 * result is returned unchanged.
 */
kern_return_t
ppl_reconstitute_code_signature(
	void *sig_obj,
	vm_address_t *unneeded_addr,
	vm_size_t *unneeded_size)
{
	const kern_return_t kr =
	    pmap_cs_unlock_unneeded_code_signature(sig_obj, unneeded_addr, unneeded_size);

	return kr;
}
270*0f4c859eSApple OSS Distributions
271*0f4c859eSApple OSS Distributions #pragma mark Address Spaces
272*0f4c859eSApple OSS Distributions
/*
 * Associate a code signature with a region of an address space.
 *
 * pmap           - address space to modify.
 * sig_obj        - PPL code-signature object.
 * region_addr    - start of the region.
 * region_size    - length of the region.
 * region_offset  - offset passed through as the last argument.
 *
 * All arguments go to pmap_cs_associate() unmodified; range validation is
 * left to that call. Its result is returned unchanged.
 */
kern_return_t
ppl_associate_code_signature(
	pmap_t pmap,
	void *sig_obj,
	const vm_address_t region_addr,
	const vm_size_t region_size,
	const vm_offset_t region_offset)
{
	const kern_return_t kr =
	    pmap_cs_associate(pmap, sig_obj, region_addr, region_size, region_offset);

	return kr;
}
288*0f4c859eSApple OSS Distributions
/*
 * Not implemented by the PPL backend.
 *
 * Always returns KERN_NOT_SUPPORTED; pmap is unused.
 */
kern_return_t
ppl_allow_jit_region(__unused pmap_t pmap)
{
	const kern_return_t unsupported = KERN_NOT_SUPPORTED;

	return unsupported;
}
296*0f4c859eSApple OSS Distributions
/*
 * Mark a region of an address space as a JIT region.
 *
 * Calls pmap_cs_associate() with the PMAP_CS_ASSOCIATE_JIT sentinel in
 * place of a signature object and an offset of 0. The result is returned
 * unchanged; whether the address space may have a JIT region at all is
 * decided by the callee, not here.
 */
kern_return_t
ppl_associate_jit_region(
	pmap_t pmap,
	const vm_address_t region_addr,
	const vm_size_t region_size)
{
	const vm_offset_t no_offset = 0;

	return pmap_cs_associate(pmap, PMAP_CS_ASSOCIATE_JIT, region_addr, region_size, no_offset);
}
310*0f4c859eSApple OSS Distributions
/*
 * Associate a debug region with an address space.
 *
 * Calls pmap_cs_associate() with the PMAP_CS_ASSOCIATE_COW sentinel in
 * place of a signature object and an offset of 0. The result is returned
 * unchanged; the decision whether the address space may be debugged is
 * made by the callee.
 */
kern_return_t
ppl_associate_debug_region(
	pmap_t pmap,
	const vm_address_t region_addr,
	const vm_size_t region_size)
{
	const vm_offset_t no_offset = 0;

	return pmap_cs_associate(pmap, PMAP_CS_ASSOCIATE_COW, region_addr, region_size, no_offset);
}
324*0f4c859eSApple OSS Distributions
/*
 * Query whether an address space is being debugged.
 *
 * Implemented by calling ppl_associate_debug_region() with a placeholder
 * region and returning its result.
 */
kern_return_t
ppl_address_space_debugged(
	pmap_t pmap)
{
	/*
	 * ppl_associate_debug_region only checks whether the address space is
	 * already debugged and answers accordingly; the region itself is never
	 * inserted, so its contents are irrelevant. The one constraint is that
	 * it be page-aligned and non-NULL, hence a single page starting at
	 * PAGE_SIZE.
	 */
	const vm_address_t placeholder_addr = PAGE_SIZE;
	const vm_size_t placeholder_size = PAGE_SIZE;

	return ppl_associate_debug_region(pmap, placeholder_addr, placeholder_size);
}
338*0f4c859eSApple OSS Distributions
/*
 * Request that an address space be allowed to run invalid code.
 *
 * The decision is made entirely by pmap_cs_allow_invalid(); this wrapper
 * adds no policy check and returns that result unchanged.
 */
kern_return_t
ppl_allow_invalid_code(
	pmap_t pmap)
{
	const kern_return_t kr = pmap_cs_allow_invalid(pmap);

	return kr;
}
345*0f4c859eSApple OSS Distributions
/*
 * Read the trust level of an address space.
 *
 * trust_level is filled in by pmap_get_trust_level_kdp(), whose result is
 * returned unchanged.
 * NOTE(review): the _kdp suffix suggests this is meant for the kernel
 * debugger context -- confirm the calling constraints.
 */
kern_return_t
ppl_get_trust_level_kdp(
	pmap_t pmap,
	uint32_t *trust_level)
{
	const kern_return_t kr = pmap_get_trust_level_kdp(pmap, trust_level);

	return kr;
}
353*0f4c859eSApple OSS Distributions
/*
 * Decide whether an address space is exempt from code-signing enforcement.
 *
 * Returns KERN_SUCCESS only when pmap_performs_stage2_translations() is
 * true for the pmap; every other address space gets KERN_DENIED.
 */
kern_return_t
ppl_address_space_exempt(
	const pmap_t pmap)
{
	/* Deny by default; stage-2 pmaps are the only exemption. */
	return (pmap_performs_stage2_translations(pmap) == true) ? KERN_SUCCESS : KERN_DENIED;
}
364*0f4c859eSApple OSS Distributions
/*
 * Prepare code-signing state for a fork.
 *
 * Passes the parent and child pmaps to pmap_cs_fork_prepare() and returns
 * its result unchanged.
 */
kern_return_t
ppl_fork_prepare(
	pmap_t old_pmap,
	pmap_t new_pmap)
{
	const kern_return_t kr = pmap_cs_fork_prepare(old_pmap, new_pmap);

	return kr;
}
372*0f4c859eSApple OSS Distributions
/*
 * Return the signing identifier stored in a PPL code-signature object.
 *
 * sig_obj     - PPL code-directory object.
 * signing_id  - optional out: receives the identifier pointer.
 *
 * Always returns KERN_SUCCESS.
 * NOTE(review): the non-NULL identifier invariant is checked with assert()
 * only; on kernels built without assertions a NULL identifier would be
 * handed back with KERN_SUCCESS, so callers should not rely on this call
 * to reject it -- confirm against the build configuration.
 */
kern_return_t
ppl_acquire_signing_identifier(
	const void *sig_obj,
	const char **signing_id)
{
	const pmap_cs_code_directory_t *code_dir = sig_obj;

	/* By the time this is called the identifier must already be set up. */
	assert(code_dir->identifier != NULL);

	if (signing_id == NULL) {
		return KERN_SUCCESS;
	}

	*signing_id = code_dir->identifier;
	return KERN_SUCCESS;
}
389*0f4c859eSApple OSS Distributions
390*0f4c859eSApple OSS Distributions #pragma mark Entitlements
391*0f4c859eSApple OSS Distributions
/*
 * Attach a kernel entitlements object to a code signature.
 *
 * sig_obj is treated as a pmap_cs_code_directory_t and passed, with
 * kernel_entitlements, to pmap_associate_kernel_entitlements(). The result
 * is returned unchanged.
 */
kern_return_t
ppl_associate_kernel_entitlements(
	void *sig_obj,
	const void *kernel_entitlements)
{
	pmap_cs_code_directory_t *code_dir = sig_obj;
	const kern_return_t kr = pmap_associate_kernel_entitlements(code_dir, kernel_entitlements);

	return kr;
}
400*0f4c859eSApple OSS Distributions
/*
 * Look up the kernel entitlements object for an address space.
 *
 * pmap                 - address space to query.
 * kernel_entitlements  - optional out: written only on success.
 *
 * Returns the result of pmap_resolve_kernel_entitlements(). On failure the
 * caller's pointer is left untouched, so callers must check the return
 * value before using it.
 */
kern_return_t
ppl_resolve_kernel_entitlements(
	pmap_t pmap,
	const void **kernel_entitlements)
{
	const void *resolved = NULL;
	kern_return_t kr = KERN_DENIED;

	kr = pmap_resolve_kernel_entitlements(pmap, &resolved);

	/* Nothing to publish on failure or when the caller passed no out-pointer. */
	if ((kr != KERN_SUCCESS) || (kernel_entitlements == NULL)) {
		return kr;
	}

	*kernel_entitlements = resolved;
	return kr;
}
416*0f4c859eSApple OSS Distributions
/*
 * Accelerate entitlement queries for a code signature.
 *
 * sig_obj  - PPL code-directory object.
 * ce_ctx   - optional out: receives the object's query context on success.
 *
 * Returns KERN_SUCCESS when acceleration succeeded or was aborted (see
 * below), otherwise the error from pmap_accelerate_entitlements().
 */
kern_return_t
ppl_accelerate_entitlements(
	void *sig_obj,
	CEQueryContext_t *ce_ctx)
{
	pmap_cs_code_directory_t *code_dir = sig_obj;
	kern_return_t kr = pmap_accelerate_entitlements(code_dir);

	/*
	 * KERN_ABORTED is only produced when acceleration would cost too much
	 * memory. The context is still returned in that case: reporting failure
	 * would make the system fall back to memory that is not locked down by
	 * the PPL, so the abort is promoted to success.
	 */
	if (kr == KERN_ABORTED) {
		kr = KERN_SUCCESS;
	}

	if (kr != KERN_SUCCESS) {
		return kr;
	}

	/* Hand the PPL-held context back to the caller, if one was requested. */
	if (ce_ctx != NULL) {
		*ce_ctx = code_dir->ce_ctx;
	}

	return kr;
}
444*0f4c859eSApple OSS Distributions
445*0f4c859eSApple OSS Distributions #pragma mark Image4
446*0f4c859eSApple OSS Distributions
/*
 * Return the Image4 storage data held by the pmap layer.
 *
 * allocated_size is passed through to pmap_image4_pmap_data(), whose
 * returned pointer is handed back unchanged.
 */
void*
ppl_image4_storage_data(
	size_t *allocated_size)
{
	void *storage = pmap_image4_pmap_data(allocated_size);

	return storage;
}
453*0f4c859eSApple OSS Distributions
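/*
 * Set the nonce for an Image4 nonce domain.
 *
 * ndi    - nonce domain index.
 * nonce  - nonce value to install.
 *
 * Both arguments are forwarded to pmap_image4_set_nonce(). The call is made
 * as a plain statement: ISO C does not permit "return <expression>;" in a
 * function whose return type is void.
 */
void
ppl_image4_set_nonce(
	const img4_nonce_domain_index_t ndi,
	const img4_nonce_t *nonce)
{
	pmap_image4_set_nonce(ndi, nonce);
}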
461*0f4c859eSApple OSS Distributions
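/*
 * Roll the nonce for an Image4 nonce domain.
 *
 * ndi is forwarded to pmap_image4_roll_nonce(). The call is made as a plain
 * statement: ISO C does not permit "return <expression>;" in a function
 * whose return type is void.
 */
void
ppl_image4_roll_nonce(
	const img4_nonce_domain_index_t ndi)
{
	pmap_image4_roll_nonce(ndi);
}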
468*0f4c859eSApple OSS Distributions
/*
 * Copy out the nonce for an Image4 nonce domain.
 *
 * nonce_out is filled in by pmap_image4_copy_nonce(), whose errno_t result
 * is returned unchanged.
 */
errno_t
ppl_image4_copy_nonce(
	const img4_nonce_domain_index_t ndi,
	img4_nonce_t *nonce_out)
{
	const errno_t err = pmap_image4_copy_nonce(ndi, nonce_out);

	return err;
}
476*0f4c859eSApple OSS Distributions
/*
 * Stage an image4 payload, and its manifest when one is supplied, in freshly
 * allocated page-rounded kernel memory and ask the PPL to execute the object.
 *
 * obj_spec_index: forwarded unchanged to pmap_image4_execute_object().
 * payload:        required; a NULL pointer is rejected with EINVAL.
 * manifest:       optional; when NULL, an IMG4_BUFF_INIT buffer is passed on.
 *
 * Returns 0 on success, EINVAL when no payload is given, ENOMEM when either
 * staging allocation fails, otherwise the error reported by
 * pmap_image4_execute_object().
 *
 * Ownership: the staged manifest is released on every path. The staged
 * payload is released only when an error is returned; on success this
 * function does not free it.
 */
errno_t
ppl_image4_execute_object(
	img4_runtime_object_spec_index_t obj_spec_index,
	const img4_buff_t *payload,
	const img4_buff_t *manifest)
{
	errno_t err = EINVAL;
	kern_return_t kr = KERN_DENIED;
	img4_buff_t payload_aligned = IMG4_BUFF_INIT;
	img4_buff_t manifest_aligned = IMG4_BUFF_INIT;
	vm_address_t payload_stage = 0;
	vm_size_t payload_stage_len = 0;
	vm_address_t manifest_stage = 0;
	vm_size_t manifest_stage_len = 0;

	if (!payload) {
		printf("invalid object execution request: no payload\n");
		goto out;
	}

	/*
	 * The PPL tries to lock down the payload and the manifest before it
	 * executes the object, which requires both artifacts to be page-aligned.
	 * Size each staging buffer up to a whole number of pages.
	 *
	 * NOTE(review): i4b_len is used exactly as the caller supplied it --
	 * confirm how round_page() and kmem_alloc() treat a zero or near-maximum
	 * length.
	 */
	payload_stage_len = round_page(payload->i4b_len);
	manifest_stage_len = (manifest != NULL) ? round_page(manifest->i4b_len) : 0;

	kr = kmem_alloc(kernel_map, &payload_stage, payload_stage_len,
	    KMA_KOBJECT, VM_KERN_MEMORY_SECURITY);
	if (kr != KERN_SUCCESS) {
		printf("unable to allocate memory for image4 payload: %d\n", kr);
		err = ENOMEM;
		goto out;
	}

	/*
	 * Describe the staged payload with its original length, then fill it.
	 * Only i4b_len bytes are written.
	 *
	 * NOTE(review): confirm whether the padding up to the page boundary needs
	 * to be zeroed before these pages are handed to the PPL.
	 */
	payload_aligned.i4b_len = payload->i4b_len;
	payload_aligned.i4b_bytes = (uint8_t *)payload_stage;
	memcpy((uint8_t *)payload_stage, payload->i4b_bytes, payload->i4b_len);

	if (manifest != NULL) {
		kr = kmem_alloc(kernel_map, &manifest_stage, manifest_stage_len,
		    KMA_KOBJECT, VM_KERN_MEMORY_SECURITY);
		if (kr != KERN_SUCCESS) {
			printf("unable to allocate memory for image4 manifest: %d\n", kr);
			err = ENOMEM;
			goto out;
		}

		/* Fill the staged manifest and describe it for the PPL */
		memcpy((uint8_t *)manifest_stage, manifest->i4b_bytes, manifest->i4b_len);
		manifest_aligned.i4b_len = manifest->i4b_len;
		manifest_aligned.i4b_bytes = (uint8_t *)manifest_stage;
	}

	err = pmap_image4_execute_object(obj_spec_index, &payload_aligned, &manifest_aligned);
	if (err != 0) {
		/* Fall through to the shared cleanup below */
		printf("unable to execute image4 object: %d\n", err);
	}

out:
	/* The staged manifest is never needed once the call has returned */
	if (manifest_stage != 0) {
		kmem_free(kernel_map, manifest_stage, manifest_stage_len);
		manifest_stage = 0;
		manifest_stage_len = 0;
	}

	/*
	 * The staged payload is given back only when something failed.
	 *
	 * NOTE(review): presumably the PPL no longer holds these pages once it
	 * has reported an error -- confirm, since they return to kernel_map here.
	 */
	if (err != 0 && payload_stage != 0) {
		kmem_free(kernel_map, payload_stage, payload_stage_len);
		payload_stage = 0;
		payload_stage_len = 0;
	}

	return err;
}
571*0f4c859eSApple OSS Distributions
/*
 * Copy an image4 runtime object out of the PPL into a caller-supplied buffer.
 *
 * obj_spec_index: forwarded unchanged to pmap_image4_copy_object().
 * object_out:     destination address; 0 is rejected with EINVAL.
 * object_length:  in/out length pointer; NULL is rejected with EINVAL. It is
 *                 passed by address to the PPL and re-read afterwards to size
 *                 the copy into object_out.
 *
 * Returns 0 on success, EINVAL for a missing argument, ENOMEM when the
 * intermediate buffer cannot be allocated, otherwise the error reported by
 * pmap_image4_copy_object(). The intermediate buffer is freed on every path.
 */
errno_t
ppl_image4_copy_object(
	img4_runtime_object_spec_index_t obj_spec_index,
	vm_address_t object_out,
	size_t *object_length)
{
	errno_t err = EINVAL;
	kern_return_t kr = KERN_DENIED;
	vm_address_t bounce_addr = 0;
	vm_size_t bounce_len = 0;

	if (object_out == 0) {
		printf("invalid object copy request: no object input buffer\n");
		goto out;
	}
	if (object_length == NULL) {
		printf("invalid object copy request: no object input length\n");
		goto out;
	}

	/*
	 * The PPL pins the buffer it is given so that it can be sure the kernel
	 * did not hand it PPL-owned memory. A page cannot be pinned twice; trying
	 * to do so panics the system. Fresh pages are therefore allocated for the
	 * PPL to pin rather than passing object_out through.
	 *
	 * The length pointer is passed through directly on the expectation that
	 * it lives on the calling thread's stack, which no other thread uses, so
	 * the PPL can pin that page for the duration of the call without a
	 * double-pin.
	 *
	 * NOTE(review): nothing here enforces that object_length points at stack
	 * memory -- confirm that every caller honours this.
	 */
	bounce_len = round_page(*object_length);

	kr = kmem_alloc(kernel_map, &bounce_addr, bounce_len,
	    KMA_KOBJECT, VM_KERN_MEMORY_SECURITY);
	if (kr != KERN_SUCCESS) {
		printf("unable to allocate memory for image4 object: %d\n", kr);
		err = ENOMEM;
		goto out;
	}

	err = pmap_image4_copy_object(obj_spec_index, bounce_addr, object_length);
	if (err == 0) {
		/*
		 * Hand the data back through the caller's buffer.
		 *
		 * NOTE(review): *object_length is re-read after the call and used
		 * as the copy size for both buffers; this relies on the PPL never
		 * reporting more than the capacity passed in -- confirm, or compare
		 * against the value read before the call.
		 */
		memcpy((void *)object_out, (void *)bounce_addr, *object_length);
	} else {
		printf("unable to copy image4 object: %d\n", err);
	}

out:
	/* The page-aligned intermediate buffer is never kept around */
	if (bounce_addr != 0) {
		kmem_free(kernel_map, bounce_addr, bounce_len);
		bounce_addr = 0;
		bounce_len = 0;
	}

	return err;
}
636*0f4c859eSApple OSS Distributions
/*
 * Placeholder for the monitor-exports query when the PPL monitor is in use.
 *
 * The PMAP_CS runtime is compiled into the AppleImage4 kernel extension, so
 * AppleImage4 can query it without going through this KPI. A call is not
 * expected on PPL systems; it is logged and NULL is returned.
 */
const void *
ppl_image4_get_monitor_exports(void)
{
	const void *exports = NULL;

	printf("explicit monitor-exports-get not required for the PPL\n");
	return exports;
}
649*0f4c859eSApple OSS Distributions
/*
 * Placeholder for setting the release type when the PPL monitor is in use.
 *
 * AppleImage4 keeps the release type in the CTRR protected memory region of
 * its kernel extension, which the PMAP_CS runtime can reach because it is
 * compiled alongside that extension. A call is not expected on PPL systems;
 * release_type is ignored, the call is logged and ENOTSUP is returned.
 */
errno_t
ppl_image4_set_release_type(
	__unused const char *release_type)
{
	const errno_t unsupported = ENOTSUP;

	printf("explicit release-type-set set not required for the PPL\n");
	return unsupported;
}
664*0f4c859eSApple OSS Distributions
/*
 * Placeholder for setting the BNCH shadow when the PPL monitor is in use.
 *
 * AppleImage4 keeps the BNCH shadow in the CTRR protected memory region of
 * its kernel extension, which the PMAP_CS runtime can reach because it is
 * compiled alongside that extension. A call is not expected on PPL systems;
 * ndi is ignored, the call is logged and ENOTSUP is returned.
 */
errno_t
ppl_image4_set_bnch_shadow(
	__unused const img4_nonce_domain_index_t ndi)
{
	const errno_t unsupported = ENOTSUP;

	printf("explicit BNCH-shadow-set not required for the PPL\n");
	return unsupported;
}
679*0f4c859eSApple OSS Distributions
680*0f4c859eSApple OSS Distributions #endif /* PMAP_CS_PPL_MONITOR */